package com.tyqx.hashchainbackend.controller;

import hashchainutil.common.DigestUtil;
import hashchainutil.common.EmptyUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;


@RestController
public class LoginController {

    @RequestMapping("/login")
    @ResponseBody
    public String login(String userCode,String userPassword){
        String message="";
        if(EmptyUtils.isEmpty(userCode)){
            message="登录账号不能为空";
        }
        if(message==""&&EmptyUtils.isEmpty(userPassword)){
            message="登录密码不能为空";
        }
        //登录
        if(EmptyUtils.isEmpty(message)){
            Subject currentUser= SecurityUtils.getSubject();
            //加密密码
            String md5Password= DigestUtil.hmacSign(userPassword);
            UsernamePasswordToken upToken=new UsernamePasswordToken(userCode,md5Password);
            try {
                currentUser.login(upToken);
                message="success";
            }catch (UnknownAccountException uae){
                message="账号不存在";
            }catch (IncorrectCredentialsException ice){
                message="用户名或密码错误";
            }catch (LockedAccountException lae){
                message="账号已被锁定";
            }catch (AuthenticationException e){
                message="登录异常,请稍后再试";
                e.printStackTrace();
            }
        }
        return message;
    }


}
